An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
50/172
)
CCIs
Number
Definition
Status
Related
CCI-001471
Employ organization-defined automated mechanisms or manual processes required to assist users in making information sharing/collaboration decisions.
Draft
AC-21
CCI-001472
Defines the automated mechanisms or manual processes required to assist users in making information sharing/collaboration decisions.
Draft
AC-21
CCI-001473
Designate individuals authorized to post information onto a publicly accessible system.
Draft
AC-22
CCI-001474
Train authorized individuals to ensure that publicly accessible information does not contain nonpublic information.
Draft
AC-22
CCI-001475
Review the proposed content of information prior to posting onto the publicly accessible system to ensure that nonpublic information is not included.
Draft
AC-22
CCI-001476
Review the content on the publicly accessible system for nonpublic information on an organization-defined frequency.
Draft
AC-22
CCI-001477
Defines a frequency for reviewing the content on the publicly accessible system for nonpublic information.
Draft
AC-22
CCI-001478
Remove nonpublic information from the publicly accessible system, if discovered.
Draft
AC-22
CCI-001479
The organization provides refresher security awareness training to all information system users (including managers, senior executives, and contractors) in accordance with the organization-defined frequency.
Draft
AT-2
CCI-001480
The organization defines the frequency for providing refresher security awareness training to all information system users (including managers, senior executives, and contractors).
Draft
AT-2
CCI-001481
Provide organization-defined personnel or roles with initial training in the employment and operation of environmental controls.
Draft
AT-3(1)
CCI-001482
Provide organization-defined personnel or roles with refresher training in the employment and operation of environmental controls in accordance with the organization-defined frequency.
Draft
AT-3(1)
CCI-001483
Defines a frequency for providing employees with refresher training in the employment and operation of environmental controls.
Draft
AT-3(1)
CCI-001484
Defines the frequency of (or situation requiring) logging for each identified event.
Draft
AU-2
CCI-001485
Defines the event types for logging within the system.
Draft
AU-2
CCI-001486
The organization defines a frequency for reviewing and updating the list of organization-defined auditable events.
Draft
AU-2(3)
CCI-001487
Ensure that audit records containing information that establishes the identity of any individuals, subjects, or objects/entities associated with the event.
Draft
AU-3
CCI-001488
Defines the additional information to be included in the audit records.
Draft
AU-3(1)
CCI-001489
The organization defines information system components for which generated audit records are centrally managed by the organization.
Draft
CCI-001490
Defines the actions to be taken by the system upon audit failure, including shutting down the system, overwriting oldest audit records, and stopping the generation of audit records.
Draft
AU-5
CCI-001491
Correlate information from audit records with information obtained from monitoring physical access to further enhance the ability to identify suspicious, inappropriate, unusual, or malevolent activity.
Draft
AU-6(6)
CCI-001492
The organization defines an authoritative time source for the synchronization of internal information system clocks.
Draft
AU-8(1)
CCI-001493
Protect audit tools from unauthorized access.
Draft
AU-9
CCI-001494
Protect audit tools from unauthorized modification.
Draft
AU-9
CCI-001495
Protect audit tools from unauthorized deletion.
Draft
AU-9
CCI-001496
Implement cryptographic mechanisms to protect the integrity of audit tools.
Draft
AU-9(3)
CCI-001497
Defines a frequency for the review and update to the baseline configuration of the system.
Draft
CM-2(1)
CCI-001498
Defines a time period after which proposed changes to the system that have not been approved or disapproved are highlighted.
Draft
CM-3(1)
CCI-001499
Limit privileges to change software resident within software libraries.
Draft
CM-5(6)
CCI-001500
The information system automatically implements organization-defined safeguards and countermeasures if security functions (or mechanisms) are changed inappropriately.
Draft
Prev
1...
46
47
48
49
50
51
52
53
54
...172
Next